Control Global

Microsoft Corp. is working with the OPC Foundation to enable almost any IIoT scenario using interoperability between the millions of OPC UA-compliant applications and equipment. Microsoft will enable IIoT users to connect manufacturing equipment and software with extended support of OPC UA's open-source software stack. Microsoft’s extended support for OPC UA spans its IoT offerings from local connectivity with Windows devices to cloud connectivity via Microsoft Azure. Integration with Azure IoT allows customers to easily send OPC UA data to the Azure cloud, as well as command and control OPC UA devices remotely from the Azure cloud.
Pepperl+Fuchs broke ground June 2 on its new U.S. distribution and engineering center in Katy, Texas, near…

While routine build-up and clogging in process applications is annoying, process scaling is more persistent, causes unplanned downtime and increases costs in many industries. It's typically composed of calcium carbonate, wax, grease or similar…

Just as you can't have too many friends, level measurement applications can't get enough ease of use, reliability and safety. Thanks to increasing process industry needs and user demand for them, these are the three unifying priorities that drove…

Our panel of experts explore best practices for dealing with buildup on chemical seals of a differential pressure flowmeter.

Q: We have a venturi flowmeter with 3-in. flanged pressure taps and flanged chemical seals with capillary tubes in a 44-in. vertical pipe (Figure 1). The fluid is hydrocarbon (polymeric) gas. The problem is that the chemical seal diaphragms often…

A Control Design reader writes: We have several temperature, pressure and flow sensors on a new medical-device cleaning skid that we are developing. These instruments are connected to a PLC as 4-20 mA inputs, and there is also a 4-20 mA output used to control a pump motor speed. A recent failure of a flow sensor brought the process skid instrumentation to my company's quality manager's attention. He asked how we know that the temperatures, pressure and flow are accurate, and how do we know that we are cleaning properly.
I've been tasked to write a procedure for troubleshooting, calibrating and testing the 4-20 mA instruments on the skid. I can probably stumble through this, but what are some best practices for troubleshooting the analog…

Control's Monthly Resource Guide brings you the latest online resources on a variety of process control topics.

MULTI-PART WEIGHING
This four-section webpage by Omega Engineering covers "Weighing Applications," "Weighing System Design," "Installation and Calibration" and "Specialized Installations." The whole group is located at…

FOPDT model has demonstrated utility for controller tuning rules, for structuring decouplers and feedforward control algorithms.

A first-order plus deadtime (FOPDT) model is a simple approximation of the dynamic response (the transient or time-response) of a process variable to an influence. It’s also called first-order lag plus deadtime (FOLPDT), or “deadtime” may be…

'To the degree networks and standards can provide easy, consistent and seamless access to device-resident controls, the vision of truly distributed control may finally dawn upon us.'

Every compressor in the facility went down at once that day, when a PLC redundancy switchover didn’t transfer in time. The engineers didn’t know that each P453 remote I/O processor had a dip-switch-selectable timeout setting—if it didn’t…

A Control Design reader writes: We have several temperature, pressure and flow sensors on a new medical-device cleaning skid that we are developing. These instruments are connected to a PLC as 4-20 mA inputs, and there is also a 4-20 mA output used to control a pump motor speed. A recent failure of a flow sensor brought the process skid instrumentation to my company's quality manager's attention. He asked how we know that the temperatures, pressure and flow are accurate, and how do we know that we are cleaning properly.
I've been tasked to write a procedure for troubleshooting, calibrating and testing the 4-20 mA instruments on the skid. I can probably stumble through this, but what are some best practices for troubleshooting the analog…

Most public utilities deliver basic power and water, and God bless them for doing it. However, a few go beyond their essential missions, and seek to further enhance the overall well-being and prosperity of their communities.
One of these is…

Advanced control on fuel and steam can control emissions while saving millions.

It’s no secret that advanced process control (APC) has played a major role in the process industries for many decades. However, while many organizations focus only on major process units, there’s often an untapped opportunity to do more, and…

Our readers tell us who they think delivers the best technology in our industry

There's knowledge in our readers. That's why every year we ask our loyal audience to help us determine which automation service providers offer the best products and brands they can rely on to get the best combination of performance, ease of use,…

Just when it seems like today’s sophisticated motors and drives can’t possibly add more efficiencies and capabilities, engineers conjure up new tricks and refinements, followed by end users and system integrators who materialize new settings and…

Control's monthly guide brings you invaluable industry information to stay up to date on the latest trends and developments.

THE CLASSIC VALVE BOOK
The fourth edition of the 295-page classic text, "Control Valve Handbook," by Fisher Controls International and Emerson Process Management reports this classic text has been a primary reference since its first printing in1965.

Control's monthly guide brings you invaluable industry information to stay up to date on the latest trends and developments.

THE CLASSIC VALVE BOOK
The fourth edition of the 295-page classic text, "Control Valve Handbook," by Fisher Controls International and Emerson Process Management reports this classic text has been a primary reference since its first printing in1965.

Just when it seems like today’s sophisticated motors and drives can’t possibly add more efficiencies and capabilities, engineers conjure up new tricks and refinements, followed by end users and system integrators who materialize new settings and…

Actionable information is essential for the effectiveness of the 'loop,' as it is for closed-loop control and open-loop alarms.

When I sat down in my office this morning, I was greeted by the operations manager, who pointed out an entry from last night’s operations log: “Did you see? The boiler steam vent is in manual because the pressure reading whacked out and made the…

Actionable information is essential for the effectiveness of the 'loop,' as it is for closed-loop control and open-loop alarms.

When I sat down in my office this morning, I was greeted by the operations manager, who pointed out an entry from last night’s operations log: “Did you see? The boiler steam vent is in manual because the pressure reading whacked out and made the…

Actionable information is essential for the effectiveness of the 'loop,' as it is for closed-loop control and open-loop alarms.

When I sat down in my office this morning, I was greeted by the operations manager, who pointed out an entry from last night’s operations log: “Did you see? The boiler steam vent is in manual because the pressure reading whacked out and made the…

Our readers tell us who they think delivers the best technology in our industry

There's knowledge in our readers. That's why every year we ask our loyal audience to help us determine which automation service providers offer the best products and brands they can rely on to get the best combination of performance, ease of use,…

Visualizing and contextualizing safety data can have a positive impact on productivity and compliance.

"Information is one thing, but safety information is quite another," says George Schuster. He should know. He’s charged with business development for the Global Safety Team of Rockwell Automation and has seen many plants and factories begin to…

How to deal with the constraints of putting access points in hazardous areas.

In an ideal world, it wouldn’t be necessary to worry about explosive atmospheres. Unfortunately, plant environments are far from ideal, with most process plants being about 80% Class I, Div. 2 (Zone 2) and another 10% Class I Div. 1 (Zone 1), so…

Key is to learn as much as possible to make digital technologies safe, secure and successful in process settings.

As usual, and I’m sure this is true for many of you, this year’s autumn season has been a frantic dash of work, deadlines, sleep deprivation, indigestion and suspiciously arthritic stiffness. In my case, this means covering all sides of the…

With today’s network technology, even Ethernet and wireless are almost always fast enough.

As automation professionals, one issue we have about control loops is ensuring we're able to support real-time control. Historically, when Ethernet was 10 MB/s and there were multiple drops on a single port, collisions were a significant concern and…

With today’s network technology, even Ethernet and wireless are almost always fast enough.

As automation professionals, one issue we have about control loops is ensuring we're able to support real-time control. Historically, when Ethernet was 10 MB/s and there were multiple drops on a single port, collisions were a significant concern and…

Because they're the crossroads, nexus and Grand Central Station for sensor signals and data arriving and requests and actuation instructions departing, it's a big help that I/O and terminal blocks are more flexible and capable than ever.

Compact, Remote I/O for Zone 2/Div 2
LB System remote I/O has more power in less space with high-performance, compact modules plugged into a backplane. Energy-saving power management and low-power dissipation allow maximum packing density. With the…

Be just 33 seconds more productive each hour, and the savings mount quickly.

Rockwell Automation previewed its new, forward-looking App Platform for mobility at this week’s TechED conference in Orlando. While focused first on redefining smartphone use on the plant floor – with the aim of making individual workers more…

Control’s latest State of Technology report delves into the many aspects of power systems of interest in process plants.

From sourcing and ensuring uninterrupted flows of clean electricity to monitoring, regulating and metering generation and consumption throughout a facility, process automation professionals who want a smooth-running, efficient and reliable facility are well advised to seek and control power.
This anthology of recent articles delves into the many aspects of power systems of interest in process plants. Remote and wireless systems are speeding development and standardization of energy harvesting and improved battery systems.
Line-powered supplies that used to only transform electricity and maybe offer surge protection are now monitoring and measuring current and voltage profiles, implementing alerts and alarms, and sending data up to…

Greg: Here we take advantage of the chance to talk to Bill Thomas, who provides a great lesson of how to succeed in advancing capabilities and opportunities in his career and the control systems for which he was responsible. His career and the…

Control's monthly guide brings you invaluable industry information to stay up to date on the latest trends and developments.

AT THEIR BEST, ALL THE TIME
ExperTune’s white paper, “How to Improve Performance of Process Control Assets,” by George Buckbee, P.E., describes the practice of real-time asset performance management, shows how to get assets to perform at their best all the time, and demonstrates the value of integrating these tools for a performance picture that delivers financial results. It’s available here.
ISA / www.isa.org
ANALYZING, PREDICTING PROBLEMS
This 57-minute video, “Avoid Equipment Surprises: Predictive Diagnostics for Oil & Gas,” is presented by Joe Dupree, GE Automation and Controls, and users from NiSource Gas and Alyeska. They demonstrate condition-based monitoring, predictive analytics and other tools for evaluating…

Steve Christian remembers the days—not too long ago—when production schedules were printed on sheets of paper and distributed to operators at his plant, who would manually twist valve handles to send the Ragu sauce tomato slurry from one kettle…

Advanced control on fuel and steam can control emissions while saving millions.

It’s no secret that advanced process control (APC) has played a major role in the process industries for many decades. However, while many organizations focus only on major process units, there’s often an untapped opportunity to do more, and…

Find and slay the dragons lurking in the typical safety instrumented system.

Cybersecurity is a growing concern in the process industries, and a number of good articles have been written about it for industrial control systems (ICS)—many full of doom and gloom. Here, we will divide the ICS into two parts: safety…

Big data can only help users if they understand what it is, how it can affect their controls and processes, and how they can use it to optimize operations.

Similar to any new technology emerging on the process control front, big data can only help users make better decisions if they understand what it is, how it can affect their controls and processes, and how they can use it to optimize operations.

Our readers tell us who they think delivers the best technology in our industry

There's knowledge in our readers. That's why every year we ask our loyal audience to help us determine which automation service providers offer the best products and brands they can rely on to get the best combination of performance, ease of use,…

White Papers

on 'Safety Instrumented Systems'

It is estimated that about 66% of the programmable electronic systems (PES) running in the process industry were installed before the publication of today's commonly used safety standards (IEC 61508 and IEC 61511/ISA 84). This paper covers changes brought about by adoption of these standards and what it means to the installed base.

Get the highlights here. See the best of the many presentations from the November event. Topics cover everything from finding workers for tomorrow's factories to 21st-century SCADA systems, safety, sustainability and the newest products from Rockwell Automation. Download the "Smart. Safe. Sustainable" Special Report.

Article 120.1 of the NFPA 70E establishes the procedure for creating an electrically safe work condition. Since this was written, the day-to-day practice of electrical safety has changed going beyond the precise language of Article 120.1(1-6). This is due to the increased usage of permanent electrical safety devices (PESDs) in Lock-out/Tagout procedures. The relatively new concept of permanent electrical safety devices actually improves the workers' ability to safely isolate electrical energy beyond that which was originally conceived when Article 120 was written. PESDs go beyond the high standard, yet they still adhere to the core principles found in Article 120.1. With PESDs incorporated into safety procedures and installed correctly into electrical enclosures, workers can transition the once-risky endeavors of verifying voltage into a less precarious undertaking that never exposes them to voltage. Since, every electrical incident has one required ingredient - voltage, electrical safety is radically improved by eliminating exposure to voltage while still validating zero energy from outside the panel.

Frequently, our customers will ask for a "one size fits all" Surge Protective Device (SPD), eliminating the need to stock several different part numbers to meet their customers needs. Some manufactures claim to have a one size fits all Surge Protection Device (SPD), however there is absolutely no benefit of this to the end user. Why? The one size fits all approach could in most cases actually cause damage to the equipment it should be protecting.

Specifiers and users of Surge Protective Devices (SPDs) are adjusting to new terminology and requirements. UL revised their 1449 Safety Standard for Surge Protective Devices to increase safety. The National Electrical Code (NEC) incorporated specific language to require the use of these safer products. This tip sheet will explain some of the changes affecting specifiers and users.

Significant changes have taken place regarding Surge Protection Devices and UL 1449. With the changes has come different product marking requirements to identify those testing and product changes. Manufacturers of SPD equipment have long been testing to UL 1449 but only recently have such significant changes taken place regarding a whole product categories testing and performance.

An updated UL 1449 standard was released titled UL Standard for Safety for Surge Protective Devices, UL 1449 Third Edition, and was dated September 29, 2006. The result was that all manufacturers were required to retest their SPD products to ensure compliance before 9/29/2009.

The easiest way to notice a new SPD product versus an older product that still may be in inventory is the new gold UL holographic label on the product. The new label must have the SPD and not TVSS which was used during the later part of UL 1449- 2 edition.

In this global business environment, it is common for manufacturers in North America to ship equipment to Europe. North America and Europe each have their own standards for Surge Protective Devices (SPD's)
which makes understanding the differences in electrical system terminology very important. In North America, all SPD products are associated with UL 1449 3rd edition whereas in Europe, IEC 61643-1 is used to provide standards. Recently 1449 3rd edition adopted new terminology and testing criteria to be more congruent with IEC 61643-1. However, system voltages and the how they are defined differ between the two standards.

Selecting the appropriate Surge Protective Devices (SPD) can seem like a daunting task with all of the different types on the market today. The surge rating or kA rating of an SPD is one of the most misunderstood ratings. Customers commonly ask for an SPD to protect their 200A panel and there is a tendency to think that the larger the panel, the larger the kA device rating needs to be for protection As we will explore in this paper, this is a common misunderstanding.

When a surge enters a panel, it does not care or know the size of the panel. So how do you know if you should use a 50kA, 100kA or 200kA SPD? Realistically, the largest surge that can enter a building's wiring is 10kA, as explained in the IEEE C62.41 standard. So why would you ever need a SPD rated for 200kA? Simply stated - for longevity.

So one may think: if 200kA is good, then 600kA must be three times better, right? Not necessarily. At some point, the rating diminishes its return, only adding extra cost and no substantial benefit. Since most SPDs on the market use a metal oxide varistor (MOV) as the main limiting device, we can explore how/why higher kA ratings are achieved. If an MOV is rated for 10kA and sees a 10kA surge, it would use 100% of its capacity. This can be viewed somewhat like a gas tank, where the surge will degrade the MOV a little bit (no longer is it 100% full). Now if the SPD has two 10kA MOVs in parallel, it would be rated for 20kA. Theoretically, the MOVs will evenly split the 10kA surge, so each would take 5kA. In this case, each MOV have only used 50% of their capacity which degrades the MOV much less (leaving more left in the tank for future surges).

Does this translate into surge "stopping power?" No, just because an SPD has 2 or 20 MOVs in parallel it does not mean it will limit the 10kA surge any better then a single SPD (of the same rating). The main objective of having MOVs in parallel is to increase the longevity of the SPD. Again, keep in mind that it is subjective and at some point you are only adding cost by incorporating more MOVs and receiving little benefit.

As mentioned before, panel size does not really play a role in the selection of a kA rating. The location of the panel within the facility is much more important. IEEE C62.41.2 defines the types of expected surges within a facility as:
Category C: Service Entrance, more severe environment: 10kV, 10kA surge
Category B: Downstream, greater than 30' from category C, less severe environment: 6kV, 3kA surge
Category A: Further downstream, greater than 60' from category C, least severe environment: 6kV, 0.5kA surge

How do you know what kA rating to use? The IEEE categories provide a good base for selecting kA ratings. There are many "right" sizes for each category but there needs to be a balance between redundancy and added cost. Qualified judgment should always be used when selecting the appropriate kA rating for an SPD.

The Surge-Trap is a branded surge protection device (SPD)that utilizes Mersen's patented thermally protected metal oxide varistor (TPMOV) technology. This technology eliminates the need for fuses to be installed in series with the Surge-Trap SPD.

which saves money and panel space. Surge-Trap SPD is typically installed in industrial control panels to protect sensitive electrical equipment from harmful voltage transients. Nearly 80% of all transients are caused by equipment or power disturbances within a facility.

What Types of Ratings Do SPDs Have?
Do SPDs have a current rating? This is a trick question! They do not have a continuous current rating however they do have other important current-based ratings. They are required to have a short circuit current rating (SCCR), which is the maximum rms current at a specified voltage the SPD can withstand.

The nominal discharge current (In) is new to UL 1449 Third Edition (effective 9/29/09). This is the peak value of the current (20kA maximum) through the SPD (8/20μs waveform) where the SPD remains functional after 15 surges.

There are two main voltage ratings for an SPD, the first is maximum continuous operating voltage (MCOV) which is the maximum rms voltage that may be applied to the SPD per each connected mode.

Voltage protection rating (VPR) is determined as the nearest high value (from a list of preferred values) to the measured limiting voltage determined during the transient-voltage surge suppression test using the combination wave generator at a setting of 6kV, 3kA.

Download this presentation to see a series of highlights from the Greenhouse Gas Mandatory Reporting Rule (GHG MRR).

The most popular rendition of Murphy's Law is, "What can go wrong will, and at the worst possible time " In today's automation world, we are building ever more complicated automation and management systems, designed to eek the last bit of quality and production performance our of our processes. We are creating some fertile ground for the production of future Murphy's Law crops. Minimizing these risks, from all perspectives - Automation Vendor, System Integrator, and End User, is essential to create solutions that will degrade gracefully to minimize downtime.

Why am I writing about this now? Two Words - Hard Drive. As Baz Luhrmann once said in a commencement speech turned into "Sun Tan Song," "The real troubles in your life are apt to be things that never crossed your worried mind; the kind that blindside you at 4pm on some idle Tuesday." OK, in my case it was 3:15 on a Monday and I had to do a hard boot. That was it  "Drive not recognized." New Drive in hand, some software upgrades at the same time, backups that were out of date and a day later of loading, copying, recovering and I was 90% whole again, (not what the plant manager would want to hear, right?). A few shortcuts to get back on line quickly  Antivirus software can wait, documentation of the new system setup can wait, I won't forget to update that temporary license I got from my software vendor, to get back up and running By now you're likely shaking your head saying Yup, I've been there Oh, but it gets better. The next morning I wake up to a message saying there is a problem with the Operating System, and the system can't boot. Recover with a Boot Disk, scan the drive and there are bad clusters. The Bathtub Curve still exists

A number of previously unknown security vulnerabilities in the ICONICS GENESIS32 and GENESIS64 products have been publically disclosed. The release of these vulnerabilities included proof-of-concept (PoC) exploit code.

While we are currently unaware of any malware or cyber attacks taking advantage of these security issues, there is a risk that criminals or political groups may attempt to exploit them for either financial or ideological gain.

The products affected, namely GENESIS32 and GENESIS 64 are OPC Web-based human-machine interface (HMI) / Supervisory Control and Data Acquisition (SCADA) systems. They are widely used in critical control applications including oil and gas pipelines, military building management systems, airport terminal systems, and power generation plants.

Of concern to the SCADA and industrial control systems (ICS) community is the fact that, though these vulnerabilities may initially appear to be trivial, a more experienced attacker could exploit them to gain initial system access and then inject additional payloads and/or potentially malicious code. At a minimum, all these vulnerabilities can be used to forcefully crash system servers, causing a denial-of-service condition. What makes these vulnerabilities difficult to detect and prevent is that they expose the core communication application within the GENESIS platform used to manage and transmit messages between various clients and services.

This White Paper summarizes the current known facts about these vulnerabilities. It also provides guidance regarding a number of possible mitigations and compensating controls that operators of SCADA and ICS systems can take to protect critical operations.

The Stuxnet worm is a sophisticated piece of computer malware designed to sabotage industrial processes controlled by Siemens SIMATIC WinCC, S7 and PCS 7 control systems. The worm used both known and previously unknown vulnerabilities to spread, and was powerful enough to evade state-of-the-practice security technologies and procedures.

Since the discovery of the Stuxnet worm in July 2010, there has been extensive analysis by Symantec, ESET, Langner and others of the worms internal workings and the various vulnerabilities it exploits. From the antivirus point of view, this makes perfect sense. Understanding how the worm was designed helps antivirus product vendors make better malware detection software.

What has not been discussed in any depth is how the worm might have migrated from the outside world to a supposedly isolated and secure industrial control system (ICS). To the owners and operators of industrial control systems, this matters. Other worms will follow in Stuxnet's footsteps and understanding the routes that a directed worm takes as it targets an ICS is critical if these vulnerable pathways are to be closed. Only by understanding the full array of threats and pathways into a SCADA or control network can critical processes be made truly secure.

It is easy to imagine a trivial scenario and a corresponding trivial solution:Scenario: Joe finds a USB flash drive in the parking lot and brings it into the control room where he plugs it into the PLC programming station.Solution: Ban all USB flash drives in the control room.

While this may be a possibility, it is far more likely that Stuxnet travelled a circuitous path to its final victim. Certainly, the designers of the worm expected it to - they designed at least seven different propagation techniques for Stuxnet to use. Thus, a more realistic analysis of penetration and infection pathways is needed.

This White Paper is intended to address this gap by analyzing a range of potential "infection pathways" in a typical ICS system. Some of these are obvious, but others less so. By shedding light on the multitude of infection pathways, we hope that the designers and operators of industrial facilities can take the appropriate steps to make control systems much more secure from all threats.

There is an upside for forward-thinking manufacturers regarding EPA blueprint for the way state and local regulatory agencies use the Clean Air Act permitting process to regulate greenhouse gas emissions in the United States.

U.S. Environmental Protection Agency blueprint for the way state and local regulatory agencies use the Clean Air Act permit process to regulate greenhouse gas emissions in the United States is defined in their November 17 document: PSD and Title V Permitting Guidance for Greenhouse Gases.

The greenhouse gases that will be regulated include carbon dioxide, methane, nitrous oxide, sulfur hexafluoride and a number of refrigerants.

The Agency believes that these compounds are responsible for changing the planet's climate and is thus taking steps to reduce emissions of the gases throughout the nation. In taking this action, EPA is breaking new ground, by not only defining a broad new class of air pollutants, but by changing the way that the Agency regulates emissions of those pollutants.

Traditionally, EPA has set definitive, measurable goals when seeking to reduce air pollutant emissions, both in terms of how much a compound a facility is allowed to emit and in terms of the maximum amount of the pollutant that can be in the air we breathe. The Agency will not take the same approach when it comes to greenhouse gases. Instead, they will be asking facilities to reduce emissions to the greatest extent possible and economically feasible.

This initiative is the first step in filling a noticeable void in industry - the lack of independent competency training in the Operations Management (MES/MOM) arena. This lack of wide-scale competency is recognized as a major barrier to plant and supply chain optimization and global operations excellence.

With members in 85 countries globally, MESA is an independent, objective community of like-minded people and enterprises working to make Operations more reliable, capable and profitable. Some of the foremost experts across the Operations Management landscape are leading the knowledge sharing within the MESA community by offering programs across 4 continents by mid-2011.

MESA Certificate of Awareness (CoA) for MES/MOM Business Awareness: A 2-day, high-level program of MES/MOM Business Functions courses geared for executives, manufacturing/operations and IT personnel and sales professionals. The CoA courses are higher level, short versions of the CoC program.

Critical infrastructure sites and facilities are becoming increasingly dependent on interconnected physical and cyber-based real-time distributed control systems (RTDCSs). A mounting cybersecurity threat results from the nature of these ubiquitous and sometimes unrestrained communications interconnections.

This application note describes how to use the Tofino Industrial Security Solution to prevent the spread of the Stuxnet worm in both Siemens and non-Siemens network environments.

What is Stuxnet?
Stuxnet is a computer worm designed to target one or more industrial systems that use Siemens PLCs. The objective of this malware appears to be to destroy specific industrial processes.

Stuxnet will infect Windows-based computers on any control or SCADA system, regardless of whether or not it is a Siemens system. The worm only attempts to make modifications to controllers that are model S7-300 or S7-400 PLCs. However, it is aggressive on all networks and can negatively affect any control system. Infected computers may also be used as a launch point for future attacks.

How Stuxnet Spreads
Stuxnet is one of the most complex and carefully engineered worms ever seen. It takes advantage of at least four previously unknown vulnerabilities, has multiple propagation processes and shows considerable sophistication in its exploitation of Siemens control systems.

A key challenge in preventing Stuxnet infections is the large variety of techniques it uses for infecting other computers. It has three primary pathways for spreading to new victims:
- via infected removable USB drives;
- via Local Area Network communications
- via infected Siemens project files

Within these pathways, it takes advantage of seven independent mechanisms to spread to other computers.

Stuxnet also has a P2P (peer-to-peer) networking system that automatically updates all installations of the Stuxnet worm in the wild, even if they cannot connect back to the Internet. Finally, it has an Internet-based command and control mechanism that is currently disabled, but could be reactivated in the future.

ISA100 is one of three standards competing in industrial wireless sensing. What is distinctive about ISA100? What are the prospects for convergence of standards? What would convergence be worth to the industrial wireless market?

ISA100 is a major standards initiative managed by the International Society of Automation (ISA). In addition to standards development, a new organization, the ISA100 Wireless Compliance Institute (WCI), is charged with delivering compliance certification services for the work of ISA100.

The ISA100 committee establishes standards, recommended practices, technical reports, and related information for implementing wireless systems in the automation and control environment, with an initial focus on the field level. Given the committee's broad scope, they have formed a number of working groups to pursue specific tasks. The primary deliverable from the Committee thus far is the standard ISA-100.11a, "Wireless Systems for Industrial Automation: Process Control and Related Applications". However a quick glance at the list of working groups shows that several other topics will be addressed by future ISA100 deliverables.

In 2006, at about the same time ISA100 was forming, the ISA also created the non-profit Automation Standards Compliance Institute (ASCI). This organization manages certification, conformance, and compliance assessment activities in the ISA's automation domain.

ASCI extends the standards work of ISA by facilitating the effective implementation and independent testing of ISA standards. It creates a vital link between the development of standards and industries' implementation of the standards. The ISA100 Wireless Compliance Institute (WCI) functions as an operational group within ASCI. Operating the ISA100 Wireless Compliance Institute within ASCI allows it to leverage the infrastructure of ASCI, which in addition to WCI, is shared by several ASCI compliance programs.

We're about to acquire a significant new cybervulnerability. The world's energy utilities are starting to install hundreds of millions of 'smart meters' which contain a remote off switch. Its main purpose is to ensure that customers who default on their payments can be switched remotely to a prepay tariff; secondary purposes include supporting interruptible tariffs and implementing rolling power cuts at times of supply shortage. The off switch creates information security problems of a kind, and on a scale, that the energy companies have not had to face before. From the viewpoint of a cyber attacker - whether a hostile government agency, a terrorist organization or even a militant environmental group - the ideal attack on a target country is to interrupt its citizens' electricity supply. This is the cyber equivalent of a nuclear strike; when electricity stops, then pretty soon everything else does too. Until now, the only plausible ways to do that involved attacks on critical generation, transmission and distribution assets, which are increasingly well defended. Smart meters change the game. The combination of commands that will cause meters to interrupt the supply, of applets and software upgrades that run in the meters, and of cryptographic keys that are used to authenticate these commands and software changes, create a new strategic vulnerability, which we discuss in this paper.

Biweekly updates delivering feature articles, headlines with direct links to the top
news stories that are critical to staying up to date on the industry — company news,
product announcements, technical issues and more. Subscribe Today.